Notes

Note that digital signing is currently not recommended by CAcert. This is recorded in the CPS (DRAFT) which warns that CAcert certificates are not currently issued for digital signing in a human sense. See 1.4.3 and 1.4.4 for more details. The CPS is a controlling document (and therefore overrides the below).

English

Your computer generates your digital signature, which consists of a row of at least 1024 random numbers

You sign a document with your own signature

Your email program attaches your digital signature to the email before sending it

You receive a document written by a person that you know

You receive an email with a digital signature, which your email program already knows

You receive a document with a signature from a person you do not know

You receive an email with a digital signature which the email program does not know

You receive a document with a signature that you don't know, but the signature is notarized by an official authority

You receive an email with a digital signature, which the email program does not know, but the digital signature is approved by CAcert. (Wrong: CAcert does not approve a signature, but does know the person who owns the key.)

Discussion

With digital signatures, someone can put a digital signature on a document (or a file, form-data, image or email) if they have the appropriate software. Later, someone else can verify that digital signature, which will provide an indication as to who signed it, that the document is the one that has been signed, and that it has not been modified.

Lifetime

Users of signatures have varying timeframes: days to years. Some security-relevant organisations talk about a required timeframe of at least 30 years during which digital signatures must remain successfully verifiable. Protocols for digital signing should preserve the certificate for that length of time.

Revocation of a Signature

One important point for a signing protocol is whether it distinguishes between expiration and revocation. Consider Bob and Alice:

1. Bob gets his CAcert certificate in October 2004, which lasts 2 years, so it will expire in October 2006.
2. Bob signs an important document in 2005 with his private key and the CAcert certificate.
3. Afterwards, the document and the signature are archived.
4. In the year 2010, Alice gets the document from the archive, and verifies the signature.

The verification program will hopefully tell Alice the following:

Bob's key signed this document in 2005.

The document is intact, and has not been modified.

Bob's certificate was valid at the time of signature (2005).

Bob's certificate expired in 2006, but has never been revoked.

So in the context of Digital Signatures, it is very important to understand the role of "expiration", and how it differs from "revocation". Expiration should mean that the certificate has run out, and that it cannot be used anymore for new signatures, or new communication sessions. Digital Signatures that have been made with this key while it was valid ARE STILL VALID.

Revocation means that the private key has leaked, or the certificate was wrongly issued (or any other reason). This will invalidate signatures made after the revocation, and may cast doubt on signatures made before, because the revocation date will come after the effective loss of control over the key. Some software acts as if revocation nullifies all signatures, effectively invalidating them. This can then cause problems with contracts, as there is now an easy way to get out of a contract: revoking a key.

Some more things:

If revocation is the signal to invalidate all signatures, certificates may need to be revocable after they expired.

CRI (Certificate Revocation Information: CRLs and OCSP) should be made available even years after the expiration of certificates.
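
The Bob and Alice case and the expiration/revocation rules above, as an added example that is not CAcert code or a CAcert protocol: a Python function that gives the verdict a verification program could report for an archived signature. The names `Cert`, `assess` and `utc`, the three verdict labels, the exact days and months chosen within each year, and the assumption that the signing time comes from a trustworthy source are all assumptions of this example.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional


def utc(year, month=1, day=1):
    return datetime(year, month, day, tzinfo=timezone.utc)


@dataclass
class Cert:
    not_before: datetime
    not_after: datetime
    revoked_at: Optional[datetime] = None  # None means never revoked


def assess(cert, signed_at, verified_at, digest_ok):
    """Return (verdict, notes) for an archived signature.

    signed_at is assumed to come from a trustworthy source; a time
    claimed only by the signer proves nothing.
    """
    if not digest_ok:
        return "INVALID", ["document modified or signature mismatch"]
    if not cert.not_before <= signed_at <= cert.not_after:
        return "INVALID", ["certificate not valid at time of signature"]
    notes = ["certificate was valid at time of signature"]
    if verified_at > cert.not_after:
        # Expiry only stops NEW signatures; old ones stay valid.
        notes.append("certificate expired since, signature still valid")
    if cert.revoked_at is None:
        return "VALID", notes + ["certificate was never revoked"]
    if signed_at >= cert.revoked_at:
        return "INVALID", notes + ["signed after revocation"]
    # Revocation is recorded after control of the key was lost.
    return "DOUBTFUL", notes + ["signed before revocation, key may already have leaked"]


if __name__ == "__main__":
    # Constructed dates: the page gives only the months and years.
    bob = Cert(utc(2004, 10), utc(2006, 10))
    print(assess(bob, utc(2005, 6), utc(2010), digest_ok=True))
    revoked = Cert(utc(2004, 10), utc(2006, 10), revoked_at=utc(2006, 1))
    print(assess(revoked, utc(2005, 6), utc(2010), digest_ok=True))
    print(assess(revoked, utc(2006, 3), utc(2010), digest_ok=True))
```

Software that nullifies every signature on revocation would return `INVALID` in the `DOUBTFUL` branch as well, which is the contract-escape problem described above.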

Rollover

The next topic that is strongly attached to the Digital Signature is Key-Rollover. When a cert is set to expire, rolling over the key into a new certificate may help to avoid complications with digital signatures. In particular, software that treats expired certificates bluntly may tell the user that the signatures are expired or that they are revoked.

Caveats

All in all, DigitalSigning is a very difficult application. The (wip) CPS says that it is not reliable. For this reason, there is an attempt to create a digital signing protocol that incorporates additional protection to overcome the above issues.